Monday, November 25, 2002

Specifying HTTP headers in CFHTTPPARAM

If you find yourself needing to "spoof" different headers in a CFHTTP operation, such as to change the referer, accept encoding value, or other header you may know that you need to use CFHTTPPARAM and its available TYPE="CGI" attribute. But you may have challenges using that if you try to simply fill the corresponding NAME Attribute with the name of the equivalent CGI variables that CF exposes.

For instance, the Referer variable in the HTTP header becomes CGI.HTTP_REFERER. You might be lulled into thinking that the appropriate way to override/spoof that with a new value in CFHTTPPARAM would be:


but that will not produce the desired result. Indeed, what it will do is cause a CGI.HTTP_HTTP_REFERER variable to be created on the page being called.

So you may easily deduce that you should leave off the HTTP_ in the NAME attribute, and that is correct.

But what about the CGI.HTTP_ACCEPT_ENCODING? This is the value that indicates whether the browser you're simulating (with CFHTTP) should accept GZIP compressed output. (More about that in a later blog to come on doing GZip filtering with CFMX). The point is, if you want to set that on a CFHTTPPARAM and try to it as follows:


that will still not produce the desired result. It will NOT pass create the specified value. Why not? Because though the docs don't clarify it, you need to specify the header names by their standard actual names as defined in the HTTP standard. In the case of this header, it's accept-encoding, using a dash rather than the underscore that CF uses in the name it converts to.

So how'd I know the correct name to use? It's documented at this W3C page.

But how did I know what to value to use for the VALUE attribute for the accept-encoding? I wanted in the CFHTTP to send the same value that a browser would send, so I looked at what the value was in a a dump of CGI.HTTP_ACCEPT_ENCODING while browsing a page in a regular browser, and "gzip,deflate" was that value.

As a somewhat interesting side note, if you don't override the value this way using CFHTTPPARAM, then the value would be null on a page called by CFHTTP. Again, this will be more important in regard to a later blog entry I'll offer on gzip filtering and setting up tests of that using CFHTTP.

One last comment: you don't need to set the user-agent header using CFHTTPPARAM, though. The CFHTTP tag has a special USERAGENT attribute just for this specific requirement.

No comments: